Error: cannot restore segment prot after reloc: Permission Denied

Ketika masuk SQL * Plus atau program OCI lainnya pada Red Hat Enterprise Linux atau Oracle Enterprise Linux 5.0 , lalu muncul error seperti dibawah

[root@zainserv]$ tnsping orcl
tnsping: error while loading shared libraries: /u01/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so.11.1: cannot restore segment prot after reloc: Permission denied
[root@zainserv]$ sqlplus /nolog
sqlplus: error while loading shared libraries: /u01/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so.11.1: cannot restore segment prot after reloc: Permission denied
[root@zainserv]$

Nah, coba liat di /var/log/audit/audit.log anda akan melihat sesuatu yang mirip dengan berikut ini.

type=AVC msg=audit(1272220424.619:34): avc:  denied  { execmod } for  pid=2996 comm="sqlplus" path="/u01/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so.11.1" dev=hda1 ino=8978342 scontext=user_u:system_r:unconfined_t:s0 tcontext=user_u:object_r:default_t:s0 tclass=file
 

type=SYSCALL msg=audit(1272220424.619:34): arch=c000003e syscall=10 success=no exit=-13 a0=2aeaa25db000 a1=228a000 a2=5 a3=2aeaa2677578 items=0 ppid=2971 pid=2996 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts3 ses=1 comm="sqlplus" exe="/u01/app/oracle/product/11.2.0/dbhome_1/bin/sqlplus" subj=user_u:system_r:unconfined_t:s0 key=(null) 

Jika running dengan X-Windows maka akan muncul pop up SELinux AVC seperti di bawah.







Warning tsb muncul karena SELinux running pada "enforcing mode". Untuk melihat status SELinux yang sedang running, bisa menggunakan command "sestatus".

[root@zainserv]# sestatus
SELinux status:                    enabled
SELinuxfs mount:                /selinux
Current mode:                      enforcing
Mode from config file:         enforcing
Policy version:                     21
Policy from config file:        targeted
[root@zainserv]#